/usr/share/doc/axiom-doc/hypertex/cryptoclass7.xhtml is in axiom-hypertex-data 20120501-8.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 | <?xml version="1.0" encoding="UTF-8"?>
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:m="http://www.w3.org/1998/Math/MathML">
<head>
<meta http-equiv="Content-Type" content="text/html" charset="us-ascii"/>
<title>Axiom Documentation</title>
<style>
html {
background-color: #ECEA81;
}
body {
margin: 0px;
padding: 0px;
}
div.command {
color:red;
}
div.center {
color:blue;
}
div.reset {
visibility:hidden;
}
div.mathml {
color:blue;
}
input.subbut {
background-color:#ECEA81;
border: 0;
color:green;
font-family: "Courier New", Courier, monospace;
}
input.noresult {
background-color:#ECEA81;
border: 0;
color:black;
font-family: "Courier New", Courier, monospace;
}
span.cmd {
color:green;
font-family: "Courier New", Courier, monospace;
}
pre {
font-family: "Courier New", Courier, monospace;
}
</style>
</head>
<body>
<div align="center"><img align="middle" src="doctitle.png"/></div>
<hr/>
<center>
<h2>RCM3720 Cryptography, Network and Computer Security</h2>
<h3>Laboratory Class 7: Knapsack cryptosystems</h3>
</center>
<hr/>
You will need to read in the <a href="rcm3720.input">rcm3720.input</a>
file for various necessary procedures.
<br/><br/>
<b>The subset sum problem</b>
<br/><br/>
We will first experiment with this problem; creating random lists and adding
up elements from them.
<ul>
<li> Start with a list of eight elements:
<ul>
<li> <span class="cmd">ln:=8</span></li>
<li> <span class="cmd">lst:=[random(10^6) for i in 1..ln]</span></li>
<li> <span class="cmd">m:=[random(2) for i in 1..ln]</span></li>
<li> <span class="cmd">c:=reduce(+,[m.i*lst.i for i in 1..ln])</span></li>
<li> <span class="cmd">subsetsum(lst,c)</span></li>
</ul>
</li>
<li> The <tt>subsetsum</tt> command implements a fairly non-efficient
command for attemping to solve the subset sum problem for an
arbitrary list.
</li>
<li> Try the above commands, but starting with a length <tt>ln</tt> of
12. You should find the command is a bit slower this time.
Use this command to time it:
<ul>
<li> <span class="cmd">)set messages time on</span></li>
</ul>
</li>
<li> Experiment with lengths of 16 and 20. How long does the
<tt>subsetsum</tt> command take for each of these values?
</li>
</ul>
<br/><br/>
<b>Superincreasing sequences</b>
<ul>
<li> Create a superincreasing sequence with
<ul>
<li> <span class="cmd">ln:=8</span></li>
<li> <span class="cmd">lst:=[random(10^6) for i in 1..ln]</span></li>
<li>
<span class="cmd">
for i in 2..ln repeat lst.i:=reduce(+,[lst.j for j in 1..i-1])+random(10)+1
</span>
</li>
</ul>
</li>
<li> Now create <tt>m</tt> and <tt>c</tt> as above. This time, solve the
problem with
<ul>
<li> <span class="cmd">siSolve(lst,c)</span></li>
</ul>
</li>
<li> Now try with larger lengths: 12, 16 and 20, and time the commands each
time.
</li>
<li> What can you say about solving the subset sum problem for general and
superincreasing lists?
</li>
</ul>
<br/><br/>
<b>The Merkle-Hellman additive knapsack system</b>
<ul>
<li> Create a superincreasing list of length <tt>ln</tt> 10, and call it
<tt>a</tt>. Create a new number <tt>N</tt> greater than the sum of all
values of <tt>a</tt>. Check with
<ul>
<li> <span class="cmd">N>reduce(+,[a.i for i in 1..ln])</span></li>
</ul>
</li>
<li> Now choose (randomly) a value <b>wN</b> and which is
relatively prime to <b>N</b>. Then construct your public key:
<ul>
<li> <span class="cmd">b:=map(x +-> x*w rem N,a)</span></li>
</ul>
</li>
<li> Now for an encryption and decryption. Create a random message <tt>m</tt>
as above, and encrypt it to a ciphertext <tt>c</tt> using the public key
<tt>b</tt>.
</li>
<li> Decrypt it as follows:
<ul>
<li> <span class="cmd">c1:=inv_mod(w,N)*c rem N</span></li>
<li> <span class="cmd">siSolve(a,c1)</span></li>
</ul>
</li>
<li>
Experiment with longer lists and messages: 12, 16, 20 or even larger.
</li>
</ul>
<br/><br/>
<b>The Merkle-Hellman multiplicative knapsack system</b>
<ul>
<li> Choose <tt>a</tt> to be the first ten primes,
and a large prime <tt>p</tt>:
<ul>
<li> <span class="cmd">a:=[2,3,5,7,11,13,17,19,23,29]</span></li>
<li> <span class="cmd">p:=6469785001</span></li>
</ul>
</li>
<li> Check that <tt>p</tt> is greater than the product of all elements of
<tt>a</tt>:
<ul>
<li> <span class="cmd">p>reduce(*,[a.i for i in 1..10])</span></li>
</ul>
</li>
<li> and that <tt>p-1</tt> has only small factors:
<ul>
<li> <span class="cmd">factor(p-1)</span></li>
</ul>
</li>
<li> Choose as a primitive root the value 34:
<ul>
<li> <span class="cmd">r:=34</span></li>
<li> <span class="cmd">primitive?(r)$PF(p)</span></li>
</ul>
</li>
<li> and compute the public key:
<ul>
<li> <span class="cmd">b:=map(x +-> discreteLog(r,x)$PF(p),a)</span></li>
</ul>
</li>
<li> Create a message of length 10, and encrypt it using the public key
<tt>b</tt>:
<ul>
<li>
<span class="cmd">
c:=reduce(+,[m.i*b.i::INT for i in 1..ln])
</span>
</li>
</ul>
</li>
<li> Decryption is now done with:
<ul>
<li> <span class="cmd">c1:=powmod(r,c,p)</span></li>
<li> <span class="cmd">factor(c1)</span></li>
</ul>
</li>
</ul>
</body>
</html>
|